Caught my eye - special forces, global "gangs", and cyberspace as battlespace

First up - John Arquilla argues that jihadists are being given a free ride in cyberspace; they should be driven out instead. Tim Stevens responds to John's argument - he warns against using the internet as a battlespace.

Crystal ball time: the future is not looking good for the UK with water, oil and food shortages, plus crop and animal diseases and, of course, climate change.

But that's ok because things are going well in Afghanistan, right? According to the Telegraph, British and US special forces are poised to "break the back" of the Taliban insurgency in Helmand. H/T Glamdring. Some comment on this tomorrow.

And from one kind of insurgency to another: Adam Elkus and John P Sullivan on global gangs. A question - is it accurate to label these organizations as "criminal gangs"? The "gangs" Adam and John describe seem to be evolving into complicated entities. Again, more on this later.

Why "tomorrow" and "later"? I'm engrossed in Niall Ferguson's Empire: How Britain Made the Modern World (2003). I held off reading this history of the British empire, thinking that it looked dry, but I'm glad I plucked it from the shelf. One thing I like is that Ferguson seamlessly integrates the economic and financial aspects of empire with the political, social and military. 

Russia, and why it's hard to win counterinsurgencies

This article, about the renewed insurgency by Islamic radicals in Russia's North Caucasus region, highlights how hard it is for states to "win" counterinsurgencies. And how, by assessing the situation over a short time frame, we fool ourselves into thinking that things are over.

Through brute force, a state might end one phase of conflict. But old grievances remain, new ones are added, and both are sharpened by brutal repression and humiliation. Lack of jobs means that young people have plenty of time and energy to forment revolt. If the ideas that animated earlier phases of insurgency have played out, new ideas, like radical creeds linked to operational tactics that worked elsewhere (e.g., suicide bombing, roadside IEDs), fill the void and spark further insurrection.

In these situations, struggle may also morph into new forms. As a nascent form of conflict, cyber-warfare seems ripe for exploitation by insurgents. There may be others. 

Human guinea pigs in North Korea?

I doubt that Tom Clancy could top this Al Jazeera article. What with North Korea, WMDs, human guinea pigs, renegade commandos, and biochem weapons fired from "bazookas", this lurid piece has it all...

"When Im Chun-yong made his daring escape from North Korea, with a handful of his special forces men, there were many reasons why the North Korean government was intent on stopping them.

They were, after all, part of Kim Jong-il's elite commandos - privy to a wealth of military secrets and insights into the workings of the reclusive regime.

But among the accounts they carried with them is one of the most shocking yet to emerge – namely the use of humans, specifically mentally or physically handicapped children, to test North Korea's biological and chemical weapons."

Not being an expert on biological and chemical weapons, I asked the Armchair Generalist for his take on the claim. "Off the top of my head, it sounds like propaganda," J. said. "Haven't heard of this from more legitimate government sources, but I'll look around".

I suspect it's propaganda too. But hey, many strange things happen in the DPRK, so I'm keeping an open mind.

Caught my eye - freelance hackers and puppet stooges

Some blog posts and articles that caught my eye this week...

• China plans to use its massive foreign exchange reserves to snap up overseas natural and energy resources.

• David Rondfeldt blogs about collaborative communities as a way of organizing for cyber security.

• Desertec is one step closer to generating electricity from sunlight falling on North African deserts.
  

• Dark Visitor notes a poll of China's netizens: asked which criminal job they'd prefer, most chose freelance hacker over human trafficker, assassin, drug dealer, gambler, gang leader, spy and robber.

• On the 56th anniversary of the great Fatherland Liberation War, a North Korean war hero recalls the defeat of the US imperialist aggressors and their puppet stooges.

Caught my eye - Silvio Berlusconi and the Alaska ethics elves

Here are some articles and posts that caught my eye this week...

• An interview with economist Thomas Schelling on global warming and the collective bargaining of international climate change negotiations.

• The Chinese are worried about their vulnerability to cyber-warfare. Meanwhile a Sino-Turkish cyber conflict may be about to break out.

• Possibly the most pathetic opinion piece I've ever read: poor Sarah Palin, hounded to resignation by the "Alaska ethics elves" (h/t AE).

• Global Dashboard almost causes a diplomatic incident with Italy, then makes a grovelling apology to Silvio Berlusconi. My take on this: who cares if Silvio's hosting of the G8 was crap? He throws some bloody good parties and that's all that matters.

• On 13 July Korean News fondly remembered the visit of DPRK President Kim Il-sung to a farm co-operative's vegetable greenhouse in May Jurche 70: "That day, the President instructed officials that the brook in the rear of the greenhouse should be dug two meters deep".

John Robb on the "North Korean" cyber attack

Great observation from John Robb on the recent DDOS attack against American and South Korean government and commercial websites...

"The US government, Stratfor and others are hyperventilating, claiming it to be the work of the North Korean Government. Essentially, there is a 50,000 PC botnet (using old software) in Asia doing the DDoS attacks against US and S Korean websites.  This is most definitely something a single individual could pull off (old thinking: only a government could do this... new thinking: superempowered individuals are more than capable). 

The government/consultant cyberwar crowd can't seem to move beyond the state vs. state vision of cyberwarfare (not sure how you fix this mindset, it's so pervasive with those over 40 -- exactly the same guys about to spend tens of billions of a cyberwar boondoggle)."

Pyongyang not to blame for cyber attacks?

IntelFusion explains why Pyongyang may not have been behind the recent cyber attacks on American and South Korean websites (via ubiwar):

"this rather smallish botnet which was amateurishly crafted would not have passed muster at any of the official IT research facilities associated with the DPRK. These are well-educated individuals, some having attended the Indian Institute of Technology (one of the world’s top technology schools) and the quality of their work is high."

Cyber saboteurs emerge from the shadows

OK, so I've been rather sceptical about North Korea's cyber warfare capabilities. It's a tad hard to square news of elite cyber saboteurs with this crappy DPRK government website. But maybe I was wrong.

Over the weekend, North Korean-linked hackers carried out distributed denial-of-service (DDOS) attacks against US and South Korean government and commercial websites.The websites targeted included those of the US Secret Service and the White House, the New York Stock Exchange, and South Korea's Defense Ministry and National Assembly.

Tim Stevens, who blogs at ubiwar, was quoted as saying that "this type of 'denial of service' attack was designed to disrupt rather than penetrate a system to obtain data". Opinion varies about the scale and sophistication of the attacks. The Guardian described it as "a paralysing barrage of electronic cyber attacks", but this article claimed that the attacks were relatively unsophisticated and small-scale, involving 50,000 to 65,000 computers.

Another thing I've been sceptical about is the effectiveness of DDOS attacks. What's the big deal if a couple of websites are down for a day or two, right? But according to the Technology Liberation Front...

"The only real cost of an attack such as this one is writing an effective bit of malware that can spread itself around, compromise tens of thousands of machines, and allow an attacker to call on this army of unwilling silicon conscripts whenever it wishes.  When viewed from the hundred-billion-dollar heights of nation-state budgets, this cost is essentially zero....

DDOS attacks are a cheap (hijacking is free), relatively hard to trace, and very effective way for a state or non-state actor to inflict meaningful economic losses on others."

Banks and companies carry out a lot of business via their websites. Increasingly, government departments are delivering core services through their web portals, like getting people to apply online for welfare benefits and grants. Even temporary disruptions can inflict big costs on businesses, departments and customers alike. This is a pretty good return on investment for hackers.

The "guiding hand" of Beijing?

It's interesting to speculate about how the Chinese have organized their information operations for the Urumqi unrest. Is the CCP hierarchy coordinating the response - the command and control approach? President Hu Jintao's sudden return from the G8 summit in Italy suggests that this is the case.

On the other hand, you wouldn't expect that Party officials and police commanders on the ground would have to wait for orders from Beijing before stamping out unrest. Why should the information response be any different?

The speed of the response suggests premeditation. It also hints at a flexible and decentralized approach, with the central bureaucracy playing a "guiding hand" role. This could involve setting the general operational framework well in advance, and when trouble erupts letting semi-autonomous and networked groups respond quickly and flexibly without needing to be told what to do, e.g., in the Urumqi situation, by shutting down internet access, blocking Twitter, "managing" foreign journalists, and censoring domestic coverage of the unrest.

Like I said, this is speculative. But the "guiding hand" idea is something that I'll return to in the context of how governments could defend against cyberwar attacks.

Organizing for cyberwar - "we might be a vapour"

How can governments organize to fight cyberwar?

The UK government's cyber-security strategy* assumes that a centralized and top-down approach (business as usual, in other words) is the way to go. Two new bureaucracies, the Office of Cyber Security and the Cyber Security Operations Centre, will be set up to focus and coordinate the cyberspace activities of a plethora of other government agencies (which includes GCHQ, the Serious Organised Crime Agency, and MI5).

This approach strikes me as a bureaucratic, lumbering and unimaginative approach to an emerging form of warfare. It's like being in France in 1940 and trying to stop fast-moving German tanks with foot-slogging infantry.

My sense is that cyber organization has to be loose, decentralized, flat, fast and adaptive. (If you've spent time in public service you'll know that this is precisely not how government operates.) One approach could be networks of small and ad hoc groups of experts, loosely tethered to government but operating autonomously within a general framework, which come together for particular aims and dissolve or reconstitute once the aims have been achieved. Different groups and networks might be assigned to different aspects of cyberwar, but there would be a high degree of collaboration between them.

In Seven Pillars of Wisdom, T E Lawrence provides the essence of an ethos for this approach. "Armies were like plants," he wrote, "immobile, firm-rooted, nourished through long stems to the head". His Arab guerrillas were different, and something new: "We might be a vapour, blowing where we listed".

* Earlier post on the UK strategy here.

No managers need apply to "Spectre Force"

Here's a post I've written at Global Dashboard, on the Brits and their bureaucratic approach to cyber-war.

Caught my eye - China power and cyber "strikeback"

• China's making massive investments in solar and wind power. As I've mentioned before, this is an important trend to watch, and one where China could steal a technological march on the west.

• Edward Glaeser writes about bulldozing America's shrinking cities, and how "urban decline is a reality in much of older, colder America".

• America and Britain prepare to "strikeback" against Russian, Chinese, and North Korean (???) hackers.

North Korea's cyber-spooks - is this for real?

Not sure whether to take this seriously...

"North Korea runs a cyber warfare unit that tries to hack into US and South Korean military networks to gather confidential information and disrupt service.... The North's military has expanded the unit, staffing it with about 100 personnel, mostly graduates of a Pyongyang university that teaches computer skills..."

...or to laugh...

"North Korea is believed to have a keen interest in information technology. Dictator Kim Jong Il has pushed for further development of advanced computer technology, saying those who don't use computers are among the "three main fools of the 21st century" along with those who smoke and don't appreciate music."

"We will fight them in the maritime approaches"

Here's what I found interesting in the Australian Defence White Paper...

The paper, which looks out to 2030 and beyond, takes as its start point the idea that Australia faces an uncertain and risky strategic situation in the Asia Pacific region. This situation is characterized by China's rise as a great power, capable of projecting military force over long distances, the reaction of other Asian powers to China's rise, and the relative decline of US power in the region.

Canberra considers that Australia has to be ready to fight high-tech conventional warfare against modern Asian militaries. It will also have to intervene in "intra-state conflicts" in the South Pacific and Southeast Asia, and contend with a range of "non-state actors" (i.e., insurgents, terrorists and the like).

Australia's most vital strategic interest is defending itself against direct armed attack (whether conventional or unconventional). The primary task of the Australian Defence Force (ADF) is to deter and defeat such attacks in the maritime approaches to Australia.

In this, Australia has to be able to go it alone. An ADF with "balanced capabilities" is required. That said, there's a big emphasis in the paper on enhancing maritime capabilities, with the ADF becoming "more potent" in undersea warfare, anti-submarine warfare, and surface maritime warfare. In particular, Canberra intends to expand the submarine fleet, replacing its six Collins-class boats with 12 new submarines.

Also emphasized are enhanced capabilities in strategic strike (Canberra will buy 100 F-35 Joint Strike Fighters, and sea-based land-attack cruise missiles), intelligence, surveillance and reconnaissance (including the acquisition of a satellite with remote-sensing ability), and cyber-warfare.

"Outrageous as a (cyber) sea"?

I like the way Adam Elkus integrates the ideas of classic military strategists - like Jomini, Mahan and Lawrence - with nascent practices of cyberwar:

"With movements massing force in cyberspace for viral propaganda and debilitating denial of service attacks, Antoine-Henri de Jomini’s long-obsolete theories of mass and concentration have paradoxically been revived in cyberspace.

Cyber-mobilization is a process of massing force against decisive points. Above all, cyber-mobilization is a popular form of conflict, not a bunch of elite soldiers typing away in cubicles trying to increase their unit’s Google pagerank. It thrives on public participation and dies without it."

A bit further down, Adam describes cyberspace as "the digital ocean". This is an interesting comparison. In the 19th century the Royal Navy policed the world's sea lanes, allowed trade to flow freely; the US Navy performs a similar role today. In the future, is there scope for cyberwar agencies to work together to police the global digital ocean against those groups that use cyberspace for ill - criminals, terrorists, 'information militias' and renegade powers?

Or like Milton's abyss - "outrageous as a sea, dark, wasteful, wild"* - is cyberspace just too vast and dispersed to be policed effectively?

* John Milton, Paradise Lost, VII.213

Use Cyberwar at Your Peril?

At Global Guerrillas, John Robb has posted an interesting piece on cyberwar. Citing Russia and China, John explores some advantages to states of using this form of open source warfare - including deniability, the vast talent pool available (hackers, IT workers, criminals), and access to the best resources and weapons:

"The best tools for cyberwarfare are developed in the cybercriminal community....a plethora of botnets, worms, compromised computers within target networks, identity information..."  

But surely it's not as straightforward as John suggests. There are significant risks for states who dabble in open source cyber-warfare. Here's some thoughts...

• Governments like to control things. They get nervous when individuals and organizations - whether militias, criminal gangs, hackers - operate outside their control, especially when such organizations impinge on what states regard as their prerogatives, like the waging of war against other states.

• States use war as an instrument of policy, to further political aims. They seek to use violence in proportion to the objectives they seek. But as John suggests, cyberwar, as practised in an open source way, is "messy, chaotic, and nearly impossible to control". It seems like a very unreliable instrument.

• If you co-opt cybercriminals, patriotic hackers and malcontents you risk blowback. Criminals, for example, could turn cyberwar tactics against a previously friendly government, or hire out their expertise to that government's enemies.

I'm not suggesting that the Russian and Chinese regimes aren't using open source cyberwar. But they are probably keenly aware of the perils. Either Russian and Chinese officials are nervously looking over their shoulders, or they've worked out effective ways to manage the risks. If the latter, it would be interesting to know what they're doing.

In the Painful Field

"We are but warriors for the working-day," Shakespeare wrote in Henry V. "Our gaiety and our gilt are all besmirch'd, with rainy marching in the painful field."

These days you don't need to leave your house to join an army. You can even fight in a war - a real war, not some online game - from the comfort and safety of your own bedroom, thousands of miles from the 'painful field'. Evgeny Morozov writes about how fast and easy it was to enlist as a Russian cyber-warrior, and take part in denial-of-service attacks against Georgian government web sites.

"I had a [simple] objective: to test how much damage someone like me, who is quite aloof from the Kremlin physically and politically, could inflict upon Georgia's Web infrastructure, acting entirely on my own and using only a laptop and an Internet connection.

If I succeeded, that would somewhat contradict the widely shared assumption — at least in most of the Western media — that the Kremlin is managing this cyberwarfare in a centralized fashion. My mission, if successful, would show that the field is open to anyone with a grudge against Georgia, regardless of their exact relationship with state authorities."

The Virtual Battlespace

This sounds like a great job. Tim Stevens, who blogs at ubiwar, is going to be a research assistant at the Countering Online Radicalisation project at King's College, London. Here's what the project entails:

"Violent extremists have become skilful at using the Internet to spread propaganda, radicalise and recruit. According to some estimates, there are thousands of extremist web sites on the net, with countless web forums and blogs through which ‘online jihadists’ and other extremists (for example, neo-Nazis) meet, communicate, and promote the use of terrorism and political violence.

Thus far, governments and law enforcement agencies have done little to stop the rise of ‘online radicalisation’ - partly because there seem to be no good solutions. Blocking sites may be regarded as censorship, and there are doubts as to whether such ‘hard’ approaches can ever be effective. Conversely, ‘soft’ approaches (for example, creating web sites to promote tolerance and cultural understanding) take time until they deliver tangible results, and it is not clear how they would deter those determined to ‘seek out’ extremist material.

How feasible are ‘hard’ and ‘soft’ approaches? What are the problems with each, and how could they be overcome? What are the most innovative solutions developed by entrepreneurs and grassroots initiatives?"

But why limit 'hard' approaches to blocking extremist web sites? These sites and the "countless web forums and blogs" constitute a virtual battlespace in which to take the fight to the enemy. This battlespace provides western agencies and their proxies with opportunities for online intelligence gathering, surveillance, infiltration, psychological warfare, and false flag operations. Some people have suggested that 'virtual assassination' could also be employed.

An Online Afghanistan

This BBC article outlines how terrorists could use virtual worlds to advance their causes:

"There's more of a chance of things like Jihadi worlds coming online in the next five years. The visual richness of virtual worlds made them good places to educate recruits about techniques. We can see groups emerging in cyber spaces and virtual communities that would be wholly radical. They would organise and radicalise in virtual worlds and attack using cyber methods without becoming a real world presence in any real way."

A problem for insurgents is finding secure areas in which to train and rehearse attacks, especially groups that operate in densely populated urban or rural areas. During its campaign against British rule in Northern Ireland, the Provisional IRA had to choose its training areas carefully, to avoid detection by British and Irish security forces.

A related problem, for terrorist networks that are dispersed regionally or globally, is connecting instructors and recruits. Before 9/11, jihadis went to training camps in Afghanistan and Pakistan. Now, with US and NATO forces operating in the Afghan/Pakistan theatre, this approach is increasingly circumscribed. As for secure websites - these are useful for indoctrination but offer only limited scope for instruction. Could virtual worlds provide insurgent and terrorist groups with a solution?

Does the Raptor Provide Real Security?

This is the F-22 Raptor, the US's latest stealth aircraft. The Raptor is an air superiority fighter - in a battle zone its mission is to take out enemy fighter aircraft and surface-to-air missiles, making it safe for other US aircraft to operate. The US Air Force describes it as a critical element of its global strike force and claims that "it cannot be matched by any known or projected fighter aircraft". It cost the American taxpayer US $62 billion.

But does the Raptor provides the US with real security? Jeff thinks it does. I disagree - here's why.

Spectre Force

Several years ago I wanted to be a thriller writer. I wrote a manuscript about a burned out undercover operative called Jeff Strangford who infiltrates a eco-terrorist outfit. This turns out to be an al-Qaeda front operation run by a renegade - but hot - Frenchwoman. Strangford is helped by a gifted but reclusive computer hacker called Alec Sulco, once a member of a black ops information warfare team known as 'Spectre Force'.

Here's how I described Sulco...

'Titan Rain' Comes to Wellington

Washington, London, Berlin, now Wellington? The Dominion Post reports that foreign governments have been busy trying to hack into the computer systems of New Zealand government departments.

According to Dr Warren Tucker, the head of New Zealand's Security Intelligence Service, "government departments' websites have been attacked, information has been stolen and hard-to-detect software has been installed that could be used to take control of computer systems". Tucker was too discreet to directly point the finger, but "referred to comments by Canada's security service about Chinese spying activities".

In recent weeks, international attention has focused on a spate of Chinese hacking attacks against computer networks in the Pentagon, Whitehall and German government offices. Code-named 'Titan Rain' by the Americans, these attacks appear to be part of a continuing and aggressive Chinese cyber-war campaign, coordinated by the People's Liberation Army (PLA), using both military and civilian hackers, and directed largely, although not exclusively against the United States.

There are varying opinions about why the Chinese are carrying out such activities. Espionage is one key reason, although with cyber-attacks it is difficult to see where the line is between spying and conflict.

In my view, China is also seeking to develop competitive advantage in fields, such as cyber-warfare, where the United States does not dominate. The PLA is laying the ground for what the British military writer Basil Liddell Hart described as 'advantageous circumstances' - being in a position to fight a war according to your own terms, not those of the enemy.

Chinese Cyberwar and Advantageous Circumstances

'Advantageous circumstances': Chinese hack Pentagon systems (photo: the Guardian).

A.E. has written an insightful post about the recent spate of Chinese hacking attacks which targeted information systems in the Pentagon, Whitehall and the German government. He quotes RAND analyst Roger Cliff as noting that Chinese security planners subscribe to Basil Liddell Hart's 'indirect approach' strategy:

Cliff: "The principle of avoiding direct confrontation stems from the recognition that China cannot win in direct, force-on-force combat with a militarily superior adversary such as the United States."

It's a common fallacy, repeated by Cliff, that the indirect approach is a strategy only for a side that is militarily weaker. As Liddell Hart emphasized, the 'great generals' of history, from Hannibal to Napoleon, have successfully pursued indirect strategies. It is an approach for a side that uses its brains, regardless of its strength or weakness.

Nor is the indirect approach necessarily a matter of avoiding direct confrontation. Rather, it is about approaching conflict in such a way that maximizes deception, surprise, shock and dislocation of the enemy forces, thereby achieving the enemy's destruction with a minimum of fighting. As Liddell Hart wrote in Strategy (1967):

"Strategy has for its purpose the reduction of fighting to the slenderest possible proportions....For even if a decisive battle be the goal, the aim of strategy must be to bring about this battle under the most advantageous circumstances".

China may be seeking to develop competitive advantage in fields, such as cyberwarfare, where the US does not dominate. This is not a sign of military weakness. The objective may a long-term one of laying the ground for 'advantageous circumstances'.